sending mail with squirrelmail
Daniel J Walsh
dwalsh at redhat.com
Mon Dec 20 14:56:39 UTC 2004
Nathan Lee Reynolds (yibble) wrote:
>On Mon, 2004-12-20 at 12:32 +0000, Nathan Lee Reynolds (yibble) wrote:
>
>
>>On Mon, 2004-12-20 at 23:03 +1100, Phil Anderson wrote:
>>--snip--
>>
>>
>>>I think this is a TLS problem - not a squirrelmail problem - take a look
>>>at the following. I think sendmail needs access the random number
>>>generator? Or am I off track?
>>>
>>>
>>--snip--
>>
>>I have a fairly default installation of SquirrelMail, and
>>in /etc/squirrelmail/config.php, the default setting for TLS usage is:
>>
>>$use_imap_tls = false;
>>$use_smtp_tls = false;
>>
>>So that might not be the problem.
>>
>>
>
>Replying to my own post *tsk* These look very suspicious...
>
>Dec 20 12:33:41 wibble kernel: audit(1103546021.943:0): avc: denied
>{ read append } for pid=2931 exe=/bin/bash
>path=/var/lib/squirrelmail/prefs/nreynolds.abook dev=dm-0 ino=3046177
>scontext=root:system_r:httpd_sys_script_t
>tcontext=root:object_r:httpd_var_lib_t tclass=file
>
>
You should relabel /var/lib/squirrelmail
restorecon -R /var/lib/squirrelmail
>Dec 20 12:33:42 wibble kernel: audit(1103546022.264:0): avc: denied
>{ search } for pid=2931 exe=/usr/sbin/sendmail.sendmail name=spool
>dev=dm-0 ino=2109446 scontext=root:system_r:httpd_sys_script_t
>tcontext=system_u:object_r:var_spool_t tclass=dir
>
>Dec 20 12:33:42 wibble kernel: audit(1103546022.264:0): avc: denied
>{ create } for pid=2931 exe=/usr/sbin/sendmail.sendmail
>scontext=root:system_r:httpd_sys_script_t
>tcontext=root:system_r:httpd_sys_script_t tclass=unix_dgram_socket
>
>
This is strange because sendmail.sendmail should be running under a
different context
system_mail_t
>Unfortunately, I'm not aux fait with SELinux, so it's off to do some
>reading for me.
>
>
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
More information about the fedora-selinux-list
mailing list